There are two preventive measures that users should be aware of in order not to fall victim to hackers
Microsoft Word. (Photo: RCN Radio)
A new “zero-day” vulnerability discovered in Microsoft Office and more specifically in Microsoft Word, by the ‘Naosec’ cybersecurity team, allows hackers to remotely access the computer< b> of a user to steal personal data.
The vulnerability, dubbed ‘Follina’ by researcher Kevin Beaumont, appears to affect different versions of the Microsoft Office suite. This includes versions from 2013 to 2021 and even Office Pro Plus and Office 365.
What is this Word bug about?
The bug specifically allows execution of PowerShell commands via MSDT, a Microsoft Word support tool. Microsoft. All this, thanks to a simple Word document.
Beaumont noted in a post that the “document uses the remote template function” of Microsoft’s text editing program to “get HTML from a remote web server,” while also using the “msmsdt MSProtocol” URI scheme to load code and run it in the aforementioned console interface. All this, without being detected by Windows Defender and even working with macros disabled.
Windows Defend. (photo: programacion.net)
Although Microsoft classified it as a zero-day vulnerability a few hours ago, the vulnerability has been present in the Office suite for weeks, according to Beaumont. The hackers appear to be using Word documents with content intended to draw the attention of victims.
Among them, the testimony of a person who was a victim of sexual harassment or even interview requests for a Russian media. In addition, remote access is gained immediately after opening the document, and in some cases even by previewing it in File Explorer.
Two measures to prevent a hacker from controlling a PC via the new Word flaw
Microsoft, by not initially treating this vulnerability as such, is already looking for a fix, so it is likely that in the next few days the Office suite and even Windows receive a new security update to fix the problem.
In the meantime, users can take a few steps to prevent hackers from breaking into their computers altogether:< /p>
– One of these measures is to avoid opening or downloading unknown documents. For example, files that come by email. Remember that the vulnerability is loaded with a remote Word template. Therefore, and as already mentioned above, it is very difficult for Microsoft Defender or any other similar antivirus software to detect the file as a threat.
– It is also possible, on the other hand, to disable certain Microsoft Word features and processes, such as preventing Office applications from creating threads or manually deleting the ‘msmsdt’ file through the Windows editor. This will prevent Microsoft from running this process.
Microsoft Word file. (photo: Compudiagnosis)
How to avoid losing a document if Microsoft Word closes
First, you have to run the program the usual way.
Then go to the settings pagethat Office has to customize the behavior of the text editor. This is achieved simply by going to the File menu in the main interface of Word and selecting the input options that will be displayed on the screen.
Microsoft Word on a MacBook Pro. (Photo: Microsoft Word/Jose Arana)
In the left pane of the window, you go to Save.
The first thing that will be changed is the autosave time. This way, if there is a sudden error with the computer or with that program, you won’t lose your data because the file has been recently saved.
Changes in the Save option of Microsoft Word. (photo: iSenaCode)
But that’s not all, at the same time a disk path can be specified for the backup files to be saved.
This way the corresponding temporary files can be located immediately in case something goes wrong on the PC or Word suddenly closes.